The US Department of Health and Human Services (HHS) has proposed rules to increase cybersecurity protections for electronic health data. The changes extend to HIPAA-regulated entities such as healthcare providers, insurers, and associated businesses, imposing stricter requirements around risk assessments, data encryption, and more. It will eliminate the “required” and “addressable” distinctions in the implementation specifications, making all violations mandatory. The public has until March 7, 2025, to submit comments on the proposal.

NSA warns that overlooked botnet technique threatens national security
The National Security Agency (NSA) has warned that fast flux, a technique used by cybercriminals and hostile nations to hide their activities, is a significant